Breadcrumb
  1. Interactive Tools
  2. NICE Workforce Framework for Cybersecurity (NICE Framework)

NICE Workforce Framework for Cybersecurity (NICE Framework)

The NICE Workforce Framework for Cybersecurity, commonly referred to as the NICE Framework, is a nationally focused resource to help employers develop their cybersecurity workforce. It establishes a common lexicon that describes cybersecurity work and workers regardless of where or for whom the work is performed. The NICE Framework applies across public, private, and academic sectors.

The NICE Framework includes the following components:

  • Work Role Categories: A high-level grouping of common cybersecurity functions.
  • Work Roles: A grouping of work for which someone is responsible or accountable. Please note, Work Roles are not synonymous to job titles or occupations.
  • TKS Statements: A set of discrete building blocks that describe the work to be done (in the form of Tasks) and what is required to perform that work (through Knowledge and Skills).
  • Competency Areas: Clusters of related Knowledge and Skill statements that correlate with one’s capability to perform Tasks in a particular domain.

The NICE program of the National Institute for Standards and Technology (NIST) released NICE Framework Components v2.0.0 in March 2025 with updates to Work Role Categories, Work Roles, and Competency Areas, and administrative updates to Task, Knowledge, and Skill (TKS) statements. The updated NICE Framework Components also include the removal of two Work Role Categories (Cyberspace Effects and Cyberspace Intelligence), and the Work Roles contained in them. Note that these can be now found within the DoD Cyber Workforce Framework (DCWF).

To explore the updated version of the NICE Framework, click on the Work Role Categories below or use the links at the top of this page to search within the NICE Framework components. To learn more, visit the NICE Framework Resource Center and review the NICE Framework Overview PDF.

 

 

Work Role Categories

Cybercrime Investigation

Responsible for investigating cyberspace intrusion incidents and crimes. Applies tactics, techniques, and procedures for a full range of investigative tools and processes and appropriately balances the benefits of prosecution versus intelligence gathering.

Digital Evidence Analysis

Responsible for identifying, collecting, examining, and preserving digital evidence using controlled and documented analytical and investigative techniques.

The NICE Framework data used for this tool is from the NICE Framework Components version 2.0.0.

Looking for Cyberspace Intelligence or Cyberspace Effects Work Role Categories and corresponding Work Roles? These can now be found within the DoD Cyber Workforce Framework (DCWF).

Last Published Date:

You have been selected to participate in a brief survey about your experience today with National Initiative for Cybersecurity Careers and Studies.

Would you like to participate in our survey?

If you accept you will be leaving the National Initiative for Cybersecurity Careers and Studies website and going to a third party site.
That site may have different privacy, security and accessibility policies than the National Initiative for Cybersecurity Careers and Studies site.
National Initiative for Cybersecurity Careers and Studies does not endorse any commercial products, services, programs or content on the third party website.
Thank you for visiting our site. We hope your visit was informative and enjoyable.